formail disguising the recipient email - Perl Server Side CGI Scripting forum at WebmasterWorld - WebmasterWorld

Forum Moderators: coopster & phranque

Message Too Old, No Replies

formail disguising the recipient email

is there a way to use a second cgi script in formail to disguise the recipi

Egbert Souse

1:10 am on Dec 1, 2003 (gmt 0)

10+ Year Member

I am using formmail to try and avoid spam. UNfortunately in order for the form info to be mailed to me I need to include an email address.

<form action="http://www.exampledomain.\com/cgi-bin/formmail.cgi"
method="POST" onsubmit="return Form1_Validator(this)"
name="Form1">
<input type=hidden name="env_report" value="REMOTE_HOST,REMOTE_ADDR,HTTP_USER_AGENT">
<input type=hidden name="print_blank_fields" value="1">
<input type=hidden name="recipient" value="info@exampledomain.\com">

Please note that the \ in the domains is to further remove teh possibility of bots picking up the addresses.

I have tried using javascript to generate the email address to hide email address from SpamBots:
;<script language="javascript">
var email1 = "whoItisTo";
var email2 = "exampledomain\.com";
document.write("<a href=" + "mail" + "to:" + email1 + "@" + email2 + ">" + linktext + "</a>")
//-->
</script>

The above script works well when an additional line is added [ var linktext = "click here"; ] if I just wanted to post an email address to click on, but I want to collect certain info and need the form.

Also, since some people surf with javascript turned off, I would rather call a cgi program to fill in the recipient address from formmail.

Is this possible?

My other choice is to create a procmail recipe if the email is from whatever_address@exampledomain\.com and the subject is whatever_the_subject then it goes thur, otherwise it gets spam canned.

Suggestions, comments, and help are greatly appreciated.

Thanks in advance.

E.

marcs

1:15 am on Dec 1, 2003 (gmt 0)

10+ Year Member

You could use another form mailer. cgiemail comes to mind. It does not require an email address on the web page. It uses .txt file templates and the email address in in that file instead.

Egbert Souse

1:25 am on Dec 1, 2003 (gmt 0)

10+ Year Member

Thanks Marcs,

I'll check it out

Wizcrafts

6:34 am on Dec 3, 2003 (gmt 0)

10+ Year Member

I recommend and use NMS FormMail replacement scripts. You can find the current version here: [nms-cgi.sourceforge.net...]

The NMS FormMail script allows you to substitute aliases for recipient addresses. An example of the aliases inside the Perl script is:

%recipient_alias = ('1' => 'first_recipient@mydomain.net','2' => 'second_recipient@mydomain.net')

.

In your form you would insert numbers instead of email addresses in the Recipient field(s), as in:

<input type="hidden" name="recipient" value="1">

. You can also specify multiple recipients by number, separated by commas, as in:

<input type="hidden" name="recipient" value="1,2,3">

IMHO, Wiz

Egbert Souse

2:33 pm on Dec 3, 2003 (gmt 0)

10+ Year Member

Hi Wiz,

Thanks a lot I will check it out. With the new spam promotion bill that the US congress (remember yin/yang there is pro and there is con) is about to pass, any open email address will be subject to tons of spam forcing you to spend all day opting out of so called "Legitimate" UCE as long as it is not related to sex and viagra they can subscribe you to thier garbage.

That is why I am most anxious to take this preventative measure. Kill all active email accounts, start all new ones and don't post email on the web site.

E.

Wizcrafts

3:12 pm on Dec 3, 2003 (gmt 0)

10+ Year Member

Egbert;

Good first step. I have some suggestions based on my own fight to preserve Domain addresses for legitimate use. Here are some of them:

Obfuscate any email address that appears on any html or Javascript Include page
Use Javascript Includes to display the obfuscated mailto addresses
Use secure forms with aliases instead of email for inquiries
Ban email harvesters from your server with a .htaccess file (Apache only)
Use a sophisticated email screener like MailWasher Pro to filter out spam
Have all Webmaster inquiries forwarded to a Hotmail account, then apply the option to only accept email from your approved senders list, and add your legitimate contacts to the list. All spam sent to the webmaster from unapproved sources will be automatically deleted at the Hotmail server.
Create throwaway account names and aliases for your website use.
Alter your Whois info to hide your true contact info from the World. Only your Registrar needs to have your Owner and Billing info. Technical and Administration addresses can go to Hotmail accounts, where only email from approved senders are received.

I hope this helps. If you need to learn about using .htaccess to block harvesters and other web-exploiters, go to this WebmasterWorld Forum: [webmasterworld.com...] . It has a link at the top of page one to go to the previous discussion named "A close to perfect .htaccess ban list - Part 2," which has a link on its first page to Part 1. Non-paying members cannot go directly to those discussions because they do not have Member login credentials.

Wiz